Configuring and Monitoring Port Security

Port Security

Adding an Authorized Device to a Port. To simply add a device (MAC address) to a port’s existing Authorized Addresses list, enter the port number with the mac-addressparameter and the device’s MAC address. This assumes that Learn Mode is set to static and the Authorized Addresses list is not full (as determined by the current Address Limit value). For example, suppose port A1 allows two authorized devices, but has only one device in its Authorized Address list:

Although the Address Limit is set to 2, only one device has been authorized for this port. In this case you can add another without having to also increase the Address Limit.

The Address Limit has not been reached.

Figure 11-5. Example of Adding an Authorized Device to a Port

With the above configuration for port A1, the following command adds the 0c0090-456456 MAC address as the second authorized address.

ProCurve(config)# port-security a1 mac-address 0c0090- 456456

After executing the above command, the security configuration for port A1 would be:

The Address Limit has been reached.

Figure 11-6. Example of Adding a Second Authorized Device to a Port

11-19